FOAF-Realm - control your friends' access to resources

Sebastian Ryszard Kruk

DERI.Galway, Ireland & Technical University of
Gdansk, Poland

Friend-of-a-Friend (FOAF) idea brought to
classical authentications mechanisms implemented in Servlet
Containers (ie. Jakarta Tomcat) has been described. Proposition of
percentage friendship evaluation based on reification of
<foaf:knows> statements has been presented. Applications of
FOAF-Realm ideas in the fields of knowledge sharing, digital
libraries and community based negotiations have been discussed.
Common problems and solutions concerning use of FOAF in presented
applications have been described.

1. Introduction

Social networking, instant messaging, P2P are now what
Internet is heading to. Many web applications are developing to
satisfy this ideas. During my prevailing work on Elvis Digital
Library1
and MarcOnt initiative2 I have noticed
that those systems would benefit from embeded mechanisms of
authorizing and controling the sharing of resource amoung
users.

FOAF3 is a great idea of making use of
RDF4 to
describe the friendship relations between people. Why not than make
use of this information in order to ie. control access to resources
or give different weights of votes during negotiations. The only
thing that would matter would be how far is one person from the
other. We could than describe how one can view ie. our photos by
specifing the maximum length of the path between us and him or her.
Our suggestions in negotiations would gain more points if they were
approved by people we know less.

FOAF idea of describing distributed directed graph of
friendship relations, where everyone specifies his friends only and
no one else should modify this information meets some issues that
should be solved. First one is a security issue, that requires,
that apart from all the information described by FOAF ontology,
also the SHA1 value of password should be provided. It seams also
that saying A :knows B is not enough and in the real world we would
rather consider this relation in more precise way, like A
:knows-very-good B. Though it seams that the threshold values
should be smoothed as much as it is possible. The last but not the
least is the trust issue - if the information is distributed how
can we controll that no one else can ie. add additional friendship
relations and in that way violate the security constraints imposed
by owner of the resource and gain access to it.

In this article I will try to answer the first two issues,
while leaving the last one to the people who so far did some
research in the field of trust in RDF domain.

2. How well do I know you?

It is very common in the real world that we say that one of
our friends is closer that the other. In most cases we are able to
evaluate our friendships on the base of hitherto events. Some of
the extensions of FOAF provides additional properties to say that
ie. someone is our "very good friend" or "never-met acquaintance".
Online communities like Orkut5 are
satisfied enough with it.

2.1 Who do I know better?

The idea of FOAF-Realm is to handle real world situations in
the similar manner. For example in some cases we would rather share
some resources with friends of our friends than our own friends,
ie. if we have a very good friend it means that his/her very good
friends are better known by us, that some of our friends that we
barely know or have never met at all. (see Picture 2.1 - Who
is a closer friend ?). That is why evaluating the friendship is
one of the solutions.

Picture 2.1 - Who is a closer friend ?

2.2 Saying how much is the statement true

Let's assume that <foaf:knows> represents average
frienship. There is however whole range of friendships from very
close (very good friend) to very distant one (person I
have never met). Let's now evaluate every friendship from 0%
(very distant) to 100% (very close), with 50% represeting average
friendship (see Picture 2.2
- How much <foaf:knows> is true ?).

Picture 2.2 - How much <foaf:knows> is
true ?

Now we have to attach this information to the
<foaf:knows> statement. Because FOAF is an application of RDF
it has all its benefits and drawback as well. The most convenient
way is to make use of reifications6 that is
to make statements about statement. Picture 2.3 -
Reified foaf:knows statement presents how to evaluate the
friendship between two people.

Picture 2.3 - Reified foaf:knows statement

2.3 Evaluating friendship between two people

To find out if the specified person is allowed to access given
resource within defined roles we have to find the closest distance
between two people and the highest level of friendship. There are
however two approaches depending on the goal:

if we have to find the right value of distance and level of
friendship between two persons the best choice is the Dijkstra
algorithm

if we know exactly the maximal acceptable diststance or the
minimal acceptable level of friendship the small modification
should be implemented, to finish the evaluating process as soon as
we know the answer (true or false).

Picture 2.4 - Evaluating the friendship between Person_A
and Person_B presents possible solutions depending on given
goal. The shortest way between Person_A and Person_B is a direct
connection, but the connection of the highest overall level of
friendship is Person_A -> Person_C -> Person_D -> Person_B
[47.6%]. If the minimal requirements are 2 connections and level of
friendship above 25% the algorithm can end up with path Person_A
-> Person_E -> Person_B [28.8%].
In many real situations this can save a lot of time when answering
the method isUserInRole().

Picture 2.4 - Evaluating the friendship between
Person_A and Person_B

2.4 It it realy me

The only thing that this extended FOAF picture lacks is a
authentication, in order to use it in FOAF-Realm application. The
<foaf:mbox> property can be used as a login, though in some
situations only the <foaf:mbox_sha1sum> is stored. The
application should generated SHA1 sum from <foaf:mbox> value
and pick up the person with resulting value of
<foaf:mbox_sha1sum>. Similarly the password can be treated.
The only information stored in model is
<xfoaf:passowrd_sha1sum> value which is compared by
org.apache.catalina.Realm implementation with SHA1 sum
generated from password provided by the user.

3. FOAF-Realm

The idea of FOAF-Realm has emerge accidently at the same time
when the latest implementation of reference Servlet/JSP container -
Tomcat 5.0 has occured. This version of container provides
interface org.apache.catalina.Realm for implementing own
realms. The information stored in FOAF model can be transparently
used in such a realm, providing not yet-another-way to store
authentication information, but just realy new approach to
authenticate people and define their priviledges.

Access to the resources is in FOAF-Realm not only restricted
to a flat (defining no hierachy) set of roles. In FOAF-Realm user
can define as precisely as a concrete person and as generaly as
members of a group/community that is distant from defined
group/community by the given constraints. This way the
authentication mechanism can be easy and still provide required
level of trust.

3.1 Three parts of the story

The FOAF-Realm consists in fact of three parts that together
with Jena library and HSQL database are placed on different tiers
of FOAF-Realm architecture (see: Picture 3.1 - FOAF-Realm
architecture).

Picture 3.1 - FOAF-Realm architecture

3.1.1 FOAFmanage - simple library for important jobs

FOAFmanage wraps communication with Jena library in order to
manage the model with FOAF information enriched with reifications
about level of friendships defined by <foaf:knows> statements
and SHA1 sums of passwords of persons defined in local model.
Future version should also provide means to digest information
pointed by <rdf:seeAlso> properties. This library is also
responsible for evaluating the frienship between two given persons.
It handles both Dijkstra algorithm and it's shortcut
modification.

This library is used directly both by FOAFrealm
(implementation of org.apache.catalina.Realm) and
FOAFrealm_manager (web application designed to manage the enriched
FOAF model). It is also very likely that other (web) applications
would benefit from using this library - as it is a complete FOAF
solution. At the moment it lacks good testing and is designed to
handle only the same properties that are supported by
FOAF-a-matic.

3.1.2 FOAF-realm - implement the Tomcat's Realm interface

FOAFrealm is a library that consists of the implementations of
org.apache.catalina.Realm and
java.security.Principal together with additional classes
for performing authentication and evaluating realm expressions. The
authentication mechnism is based only on SHA1 passwords so far,
while the realm definitions can be quite a complicated ones (see
3.2 Defining access
roles more precisely).

3.1.3 FOAFrealm_manager - control the FOAF information with
ease

This is a simple web applications that enables to manipulate
persons and their <foaf:knows> connections in extened FOAF
model. The HTML + JavaScript front-end is based mainly on
FOAF-a-matic7 extended with
features required by evaluated versions of friendship definitions.
Additionaly a distance.jsp page is provided to enable
checking the distances between the persons in extended FOAF
model.

3.2 Defining access roles more precisely

The expressions of role definitions can be quite complicated.
Each one can consists of:

Definitions of friendship distances and levels:
F[mbox]distance{.|,}level, where
distance is a maximal number of connections between
mbox and person being authorized, level is a
fractional value of minimal level of friendship. Depending on use
of .[dot] or ,[comma] either both or at least one of
the constraints must be met;

Definitions of group similarities distances and levels:
G[group_uri]distance{.|,}level, where
distance is a maximal number of connections between
group_uri and a group/community that person being authorized
is a memeber of, level is a fractional value of minimal
level of friendship. Depending on use of .[dot] or
,[comma] either both or at least one of the constraints must
be met;

Additionaly each of definition can be grouped in constraints which
would impose that:

every definition must be met - &(D1, D2, D3,
...)

at least one of the definitions has to be met - |(D1, D2,
D3, ...)

exactly one of the definitions must be met - ^(D1, D2, D3,
...)

none of the definitions should be met - !(D1, D2, D3,
...)

With use of such a language of expressions, user can freely define
any kind of realm constraints he dreams of.

3.3 Measuring the distances between people

To measure distance from one person to another, an instance of
Distance class has to be created. Each Distance
instance is stongly connected with Person instance and
following queries about distances are being cached in order to
speed up the measuring process. Though each time the new friendship
is defined or changed in the extended FOAF model, the cache is
authomaticaly cleaned. The measure (distance,level) is being cached
only when full Dijkstra algorithm has been performed. It is to
avoid future problems with very similar role queries but with
different measures.

4. OK, where can I make use of it ?

This is the question we often ask with the new tool. It is
hard to define (at least I hope so) all the applications of
FOAF-Realm, but I will try to describe briefly three of them.

4.1 Yes, you can share your bookmarks in digital library

In large digital library very usefull tool is ability to
bookmark the most interesting books and parts of the books for
futher readings. Some of the users also like to annotate the books
in order to use it in their work or research. It would be very
helpful if users could share the bookmarks and annotations amoung
their friends. FOAF-Realm has been designed to enable such a
feature. Now user can define the role that describes who can see
his/her resources. We can even provide feature to allow friends to
change ie. the annotations. With role expressions defined by
FOAF-Realm one can specify very precisely who can see/modify what.
Picture 4.1 - Sharing my bookmarks with my close
friends presents how can Person_A allow Person_B and Person_C
to gain the access to his/her bookmarks, while having this
information being protected from the others.

Picture 4.1 - Sharing my bookmarks with my close
friends

4.2 Knowing your friends we are able to serve you better in
your search

Elvis Digital Library implements sophisticated searching
algorithms in order to provide user with better result sets. It is
strongly based on three things:

fulltext index

semantic description of resource (based on DublinCore)

history of usage

The results of my research reveiled that use of the least two
things makes about 40% improvement of searching process
quality7. Because the satisfing semantic
description is not so very easy to provide, the information about
hitherto activity of the user can be very important during the
search.

But there is a problem with new users or the ones that have
rather pure activity. How to get information about what they like,
which type of literature they prefer? The best way is to ask their
friends. Within our digital library we can define constraints on
how far we should search for profile information, and than with a
little caution, use it as it would be information provided by the
user him/herself. Of course we have assumed that most people have
friends with similar interests.

4.3 Fare community negotiations

The last application that comes to mind is use of FOAF-Realm
in community negotiations. One of such systems is a MarcOnt portal
that is being developed at the moment. Its goal is to provide
ontology and tools that would be consistent with bibliographic
descriptions like MARC21, semantics and still efficient. The idea
is to invite many people both librarians and computer scientists to
create a community that would negotiate over ie. the ontology
structure. Because the negotiators can be spead around the world it
is hard to protect from groups of them to win the votes over their
own propositons of changes.

One of the propostitions is to provide weights during voting
so that the users that are close friends could not give each other
so much points as they would achieve from very distant or unknown
people. This is a place where FOAF-Realm could be deployed, though
the roles would rather be defined dynamicly this time.

5. Conclustions

FOAF-Realm is a rather new initiative. It still needs a lot of
work and de-bugging, but the work so far brought some questions and
strange bugs.

5.1 Directed graph - is it enough ?

Probably this is the most important question if we allow to
import the information about others' friendships defined by
<rdf:seeAlso>. Within the FOAF-Realm model the information
about the friendship relations can be only accessed by the means
provided by FOAF-Realm libraries. But what if some one defines a
relationships that would violate this integrity? Ie. defines
friendship for someone who is already defined in our model? Should
we reject it or check if the information was not provided by the
authorized person, and if so how?

5.2 What if someone I knew is outside the FOAF-Realm model
?

Within the FOAF-Realm each friendship can be evaluated by two
measures: distance and friendship level. But what if we have
situation like presented on Picture 5.1 - Having friends from outside the FOAF-Realm
? There is a lack of information about the level of friendship
outside the FOAF-Realm model. Once again we have to decide either
to loose the information about the level of friendship between
Person_A and Person_D or to evaluate each friendship outside the
FOAF-Realm model as a 50%.